Brinqa Enterprise Vulnerability Management Webinar - Part 3 of 4

Part 3: A real-world vulnerability management scenario

In this part, we present a case study detailing vulnerability management at a Fortune 100 Utility company. The case study describes the challenges faced by this large organization and how they were able to systematically address them to achieve vulnerability management success. We will discuss process improvements, key risk and performance metrics, and the risk prioritization model implemented to ensure that critical assets and business functions were protected.

If you have questions you'd like to submit before or after the webinars, we're here for you! Email me at troy.vera@brinqa.com or Tweet to @Brinqa using the hashtag #BrinqaWebinars

In this part, we discuss the technical capabilities needed by vulnerability management programs to proactively protect an organization. We will look at the nuances of risk modeling, data connectors, automation, remediation and analytics as they apply to vulnerability management and discuss how they come together in an effective vulnerability management program. We will also present 10 rules of thumb that all solution architects must consider as they build vulnerability management programs for their organization.

We’d love to answer all of your questions by email, ask them during the session in the chat window, you can email them to me at troy.vera@brinqa.com to be answered by email, or tweet @brinqa with the hashtag of #BrinqaWebinars and we will cover everyone’s questions.

In this part, we present a case study detailing vulnerability management at a Fortune 100 Utility company. The case study describes the challenges faced by this large organization and how they were able to systematically address them to achieve vulnerability management success. We will discuss process improvements, key risk and performance metrics, and the risk prioritization model implemented to ensure that critical assets and business functions were protected.

If you have questions you'd like to submit before or after the webinars, we're here for you! Email me at troy.vera@brinqa.com or Tweet to @Brinqa using the hashtag #BrinqaWebinars

In this part, we discuss how modern cyber risk management programs address vulnerability management challenges. We will look at the benefits of taking knowledge-centric and risk-centric approaches to vulnerability management and how these impact your program structure and performance. We present knowledge graphs as a potential solution to vulnerability management woes and put forth critical questions of vulnerability risk that all organizations must answer.

We’d love to answer all of your questions by email, ask them during the session in the chat window, you can email them to me at troy.vera@brinqa.com to be answered by email, or tweet @brinqa with the hashtag of #BrinqaWebinars and we will cover everyone’s questions.

Part 1: Need for better vulnerability management and common challenges

In this part, we make the case for why vulnerability management is a critical security control that all modern organizations must address. We look at the timeline of the Equifax breach and how the problems leading up to it can be attributed to poor vulnerability management practices. We also discuss common challenges that most organizations face when trying to implement a vulnerability management program.

We’d love to answer all of your questions, you can email them to our host at troy.vera@brinqa.com to be answered by email, or tweet @brinqa with the hashtag of #BrinqaWebinars and we will cover everyone’s questions.

Join us for this webinar as we discuss the visual language necessary to communicate with all the varied stakeholders that are impacted by or part of the vulnerability risk management process: business users, application owners, IT administrators, security professionals, compliance regulators, and others.
We will discuss the data analysis necessary to create and communicate different types of metrics, including :

Business Exposure: What risks are different business entities exposed to due the vulnerabilities?

Vulnerability Impact: How do different technologies and various types of vulnerabilities contribute to risk?

Remediation Performance: How effective and efficient are current remediation efforts?

With growing numbers of new vulnerabilities disclosed every year, increasing attacker sophistication, and a myriad of tools and teams that have to be synchronized for effective response, most organizations struggle with designing and implementing an effective vulnerability management program. In this webinar we discuss 3 key components that all modern vulnerability programs must address :

- Knowledge: How to create actionable intelligence from business context, threat intelligence, and any other relevant data source
- Automation: How to implement automation to streamline significant parts of the VM process
- Analytics: How to effectively engage and inform all stakeholders

You have completed your network and application scans to identify the vulnerabilities in your technology infrastructure. Now begins the long journey from a vulnerability being identified and reported, to appropriate actions being taken to address the problem. This ‘Remediation Gap’ is the window of opportunity for attackers to exploit a weakness. According to research, vulnerabilities typically spend hundreds of days in this limbo, leaving organizations exposed to attacks. Fortunately, there are concrete steps that you can take to combat this problem.

Join us for this webinar as we discuss 7 practical strategies designed to reduce the remediation gap while improving effectiveness, efficiency, and consistency, including how to

[Webinar] Vulnerability Risk Management - Lessons From the Trenches
One of the largest retailers in the world, top 5 medical insurance firm, largest US electric utilities provider - these are just some of the industry leaders that rely on Brinqa Vulnerability Risk Management to secure their critical assets. How do these cybersecurity organizations - representing some of the most complex, diverse and vast technology ecosystems in the world - tackle the most pressing vulnerability management problems of today?

Join us as we share lessons learned from down in the trenches of vulnerability risk management :
How top risk leaders and organizations approach risk prioritization
How to reduce remediation overhead while improving effectiveness
How you can gain insights into emerging threats like Meltdown and Spectre
How to future-proof your vulnerability risk management program

Web applications are a prime target for hackers. According to the Verizon DBIR 2017 report, web application attacks were the #1 source of data breaches in the past year. With increasing attacker sophistication and a growing web application footprint for most businesses, investing in the cutting edge of web application vulnerability detection and remediation is crucial.

Two technologies leading the charge are NetSparker and Brinqa.Netsparker is a scalable and dead accurate enterprise web application security solutions that enables businesses to easily identify vulnerabilities in web applications and APIs.Brinqa is a cyber risk management platform that helps security professionals triage and remediate application vulnerabilities in context of likelihood of weaponization and impact to business.

In this webinar we discuss how these two innovative technologies work together to create a comprehensive web application security program that helps AppSec programs identify, prioritize, remediate and report the most imminent and impactful vulnerabilities in your organization's software infrastructure.

Vulnerability management is consistently ranked among the top priorities for information security organizations. With an ever-growing attack surface and increasingly sophisticated malicious actors, traditional approaches to vulnerability management are struggling to keep pace with the changing threat landscape. Inconsistent, inefficient, manual processes to analyze, triage and remediate vulnerabilities doom many organizations to a never-ending game of catch-up.

In this webinar, we’re going to explore a strategy that can help organizations break out of ‘whack-a-mole’ vulnerability management cycles and begin to secure their IT infrastructure proactively : Automation.

Join this webinar to learn how you can automate large parts of the vulnerability risk management process, including:

All Brinqa applications include powerful self-service reporting capabilities. Using Brinqa Risk Analytics end-users can create detailed actionable reports for their risk, operations and business audiences. In this video we will walk you through creating a vulnerability report from scratch.

Some metrics represented in this report :
Critical Vulnerabilities
Exploitable Production and External Vulnerabilities
Most vulnerable host and CVE
Vulnerability Risk by OS and Ownership
Most Vulnerability Operating Systems
Vulnerability Risk Trend
In the video we will cover how you can :
Create single value metrics
Create tables and lists
Create visual metrics including pie, bar, columns charts
Create trend charts
Style reports with extensive appearance options

In this session, presented originally at the Qualys Security Conference is Las Vegas on Oct 19 2017, we discuss how Brinqa customers are creating a new breed of cyber risk intelligence programs by making Qualys vulnerability management a central focus of their efforts.

These programs take vulnerability management effectiveness to a new level, by introducing automation at every step of the process – whether it is integration and correlation of data from multiple sources, prioritization of vulnerability and asset risks, creation and management of tickets based on optimal remediation strategies, or representation and distribution of real-time metrics and KPIs.

Brinqa is a leading provider of unified risk management – enabling stakeholders, governance organizations, and infrastructure and security teams to effectively manage technology risk at the speed of business. Brinqa software and cloud services leverage an organization’s existing investment in systems, security, and governance programs to identify, measure, manage and monitor risk. With Brinqa, organizations are reducing response time to emerging threats, impact to business, and technology risk and compliance costs by over 50% through real-time risk analytics, automated risk assessments, prioritized remediation, actionable insights and improved communication.

Founded in 2008 by industry leaders in risk management with a proven track record in delivering cutting edge, innovative and cost-effective solutions. Brinqa’s award winning software and cloud services are trusted by fortune 500 companies across risk disciplines such as information technology risk, vendor risk, and regulatory compliance risk. Brinqa is headquartered in Austin, Texas and has a global presence.